The cyber attack vectors available to hackers will continue to grow as the Internet of Things (IoTs) become more commonplace, making valuable data accessible through an ever-widening selection of entry points.
Although it’s not the hackers alone, the NSA is also behind the Internet of Things.
We already know the United States National Security Agency’s (NSA) power to spy on American as well as foreign people – thanks to the revelations made by whistleblower Edward Snowden in 2013.
But, now the agency is looking for new ways to collect even more data on foreign intelligence, and for this, the NSA is researching the possibilities of exploiting internet-connected biomedical devices ranging from thermostats to pacemakers.
During a military technology conference in Washington D.C. on Friday, NSA deputy director Richard Ledgett said his agency officials are "looking at it sort of theoretically from a research point of view right now."
Ledgett totally agreed on the fact that there are easier ways to track terrorists and foreign intelligence spies than to hack any biomedical devices they might have, but believed that these devices could be a source of information for the agency, reports the Intercept.
When the deputy director was asked whether the entire scope of the IoTs, i.e. Billions of interconnected devices from toy’s Wi-Fi to medical devices, would be a bonanza for the agency or just a security nightmare, Ledgett replied, "Both."
"As my job is to penetrate other people’s networks, complexity is my friend," Ledgett said. "The first time you update the software, you introduce vulnerabilities, or variables rather. It’s a good place to be in a penetration point of view."
Ledgett also explained that why the NSA was not able to help the FBI hack into iPhone belonged to the San Bernardino shooter, which was accessed by the FBI after buying an exploit from a group of hackers for a large sum of cash.
It’s because the agency had not exploited that particular model of iPhone, as the NSA has to prioritize its resources, which are not focussed on popular gadgets, rather on the bad guys’ technology of choice.
"We do not do every phone, every variation of the phone," Ledgett said. "If we don’t have a bad guy who’s using it, we don’t do that."
Ledgett is not the only intelligence official who sees the growing IoT devices as a possible way for global spying.
During a Senate hearing in February, the Director of National Intelligence James Clapper also said that internet-connected devices could be useful "identification, surveillance, monitoring, location tracking, and targeting for recruitment, or to gain access to networks or user credentials."